LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Sun Sep 23 20:42:41 EDT 2018

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1252N/AN/AN/AN/AN/A
ALL Hosts This Month 22 3,094 140.64 97.55 123 372 0
ALL Hosts Last Month 31 2,332 75.23 45.95 51 165 14
ALL Hosts This Year 265 15,200 57.36 59.03 36 372 0
ALL Hosts Since Logging Started 979 135,567 138.47 277.00 71 4,447 0
ALL Hosts Normalized Since Logging Started 1,677 50,154 29.91 160.30 9 4,253 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today131N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 31.41 12.63 33.5 55 0
ALL Hosts Last Month 31N/A 32.65 7.69 33 46 13
ALL Hosts This Year 265N/A 24.00 22.03 4 140 0
ALL Hosts Since Logging Started 979N/A 28.34 22.71 31 317 0
ALL Hosts Normalized Since Logging Started 979N/A 28.34 22.71 31 317 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 0.09 0.29 0 1 0
ALL Hosts Last Month 31N/A 0.00 0.00 0 0 0
ALL Hosts This Year 265N/A 0.19 0.42 0 2 0
ALL Hosts Since Logging Started 979N/A 0.77 1.60 0 17 0
ALL Hosts Normalized Since Logging Started 979N/A 0.77 1.60 0 17 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 26.45 10.98 28.5 46 0
ALL Hosts Last Month 31N/A 27.52 7.09 28 44 12
ALL Hosts This Year 265N/A 19.96 20.67 30 133 0
ALL Hosts Since Logging Started 979N/A 15.24 19.05 23 293 0
ALL Hosts Normalized Since Logging Started 979N/A 15.24 19.05 23 293 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 110.32 88.68 224.5 315 0
ALL Hosts Last Month 31N/A 42.35 41.95 32 121 0
ALL Hosts This Year 265N/A 34.59 47.35 3 315 0
ALL Hosts Since Logging Started 950N/A 89.02 260.93 316.5 4,304 0
ALL Hosts Normalized Since Logging Started 950N/A 89.02 260.93 316.5 4,304 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1225N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 83.82 55.32 152 170 0
ALL Hosts Last Month 31N/A 39.94 39.60 3 117 0
ALL Hosts This Year 265N/A 26.71 33.78 3 170 0
ALL Hosts Since Logging Started 950N/A 30.69 46.94 22 697 0
ALL Hosts Normalized Since Logging Started 950N/A 30.69 46.94 22 697 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 31N/A 0.00 0.00 0 0 0
ALL Hosts This Year 265N/A 0.01 0.09 0 1 0
ALL Hosts Since Logging Started 950N/A 2.14 16.81 0 391 0
ALL Hosts Normalized Since Logging Started 950N/A 2.14 16.81 0 391 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 31N/A 0.00 0.00 0 0 0
ALL Hosts This Year 265N/A 0.01 0.09 0 1 0
ALL Hosts Since Logging Started 979N/A 2.34 17.06 0 391 0
ALL Hosts Normalized Since Logging Started 979N/A 2.34 17.06 0 391 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 89.41 56.41 164.5 178 0
ALL Hosts Last Month 31N/A 45.13 40.67 6 124 4
ALL Hosts This Year 265N/A 29.99 34.87 4 178 0
ALL Hosts Since Logging Started 950N/A 35.76 48.62 26 743 0
ALL Hosts Normalized Since Logging Started 950N/A 35.76 48.62 26 743 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 31N/A 0.00 0.00 0 0 0
ALL Hosts This Year 265N/A 0.01 0.09 0 1 0
ALL Hosts Since Logging Started 950N/A 2.14 16.81 0 391 0
ALL Hosts Normalized Since Logging Started 950N/A 2.14 16.81 0 391 0
 
Hosts protected by BlackRidge Technologies
 
Hosts protected by an Intrusion Protection System
 
Educational Sites
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential server
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today172N/AN/AN/AN/AN/A
shepherd This Month 17 1,506 88.59 72.39 89 195 0
shepherd Last Month 28 987 35.25 39.76 16 152 2
shepherd This Year 225 5,582 24.81 36.89 8 195 0
shepherd Since Logging Started 854 26,751 31.32 42.94 10 228 0
shepherd Normalized Since Logging Started 854 26,751 31.32 42.94 10 228 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today17N/AN/AN/AN/AN/A
shepherd This Month 17N/A 10.24 5.95 21 22 0
shepherd Last Month 28N/A 11.07 5.20 17.5 19 2
shepherd This Year 225N/A 8.22 9.27 19 49 0
shepherd Since Logging Started 855N/A 7.06 6.65 2 49 0
shepherd Normalized Since Logging Started 855N/A 7.06 6.65 2 49 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 17N/A 0.06 0.24 0 1 0
shepherd Last Month 28N/A 0.00 0.00 0 0 0
shepherd This Year 225N/A 0.08 0.28 0 2 0
shepherd Since Logging Started 855N/A 0.12 0.42 0 4 0
shepherd Normalized Since Logging Started 855N/A 0.12 0.42 0 4 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 17N/A 4.59 6.21 2 21 0
shepherd Last Month 28N/A 7.29 6.05 14 17 0
shepherd This Year 225N/A 5.10 8.67 1 47 0
shepherd Since Logging Started 854N/A 3.74 5.33 2 47 0
shepherd Normalized Since Logging Started 854N/A 3.74 5.33 2 47 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 17N/A 79.76 70.77 176 181 0
shepherd Last Month 28N/A 24.07 36.60 15 136 0
shepherd This Year 225N/A 16.69 33.62 1 181 0
shepherd Since Logging Started 846N/A 15.91 26.95 100 181 0
shepherd Normalized Since Logging Started 846N/A 15.91 26.95 100 181 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today166N/AN/AN/AN/AN/A
shepherd This Month 17N/A 68.29 58.70 155 170 0
shepherd Last Month 28N/A 22.29 33.01 13.5 109 0
shepherd This Year 225N/A 14.50 28.34 1 170 0
shepherd Since Logging Started 846N/A 8.32 19.44 15 170 0
shepherd Normalized Since Logging Started 846N/A 8.32 19.44 15 170 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 17N/A 0.00 0.00 0 0 0
shepherd Last Month 28N/A 0.00 0.00 0 0 0
shepherd This Year 225N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 846N/A 0.41 4.84 0 86 0
shepherd Normalized Since Logging Started 846N/A 0.41 4.84 0 86 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 17N/A 0.00 0.00 0 0 0
shepherd Last Month 28N/A 0.00 0.00 0 0 0
shepherd This Year 225N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 854N/A 0.41 4.81 0 86 0
shepherd Normalized Since Logging Started 854N/A 0.41 4.81 0 86 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 17N/A 70.76 59.28 22 173 0
shepherd Last Month 28N/A 25.07 33.31 4 112 1
shepherd This Year 225N/A 16.24 28.88 2 173 0
shepherd Since Logging Started 846N/A 10.44 20.36 3 173 0
shepherd Normalized Since Logging Started 846N/A 10.44 20.36 3 173 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 17N/A 0.00 0.00 0 0 0
shepherd Last Month 28N/A 0.00 0.00 0 0 0
shepherd This Year 225N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 846N/A 0.41 4.84 0 86 0
shepherd Normalized Since Logging Started 846N/A 0.41 4.84 0 86 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS-Amazon Webservices webserver
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17 0 0.00 0.00 0 0 0
AWS Last Month 26 0 0.00 0.00 0 0 0
AWS This Year 200 0 0.00 0.00 0 0 0
AWS Since Logging Started 823 23,403 28.44 224.59 7 4,253 0
AWS Normalized Since Logging Started 823 23,403 28.44 224.59 7 4,253 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 200N/A 0.00 0.00 0 0 0
AWS Since Logging Started 823N/A 6.69 8.77 11 109 0
AWS Normalized Since Logging Started 823N/A 6.69 8.77 11 109 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 200N/A 0.00 0.00 0 0 0
AWS Since Logging Started 823N/A 0.22 0.57 0 7 0
AWS Normalized Since Logging Started 823N/A 0.22 0.57 0 7 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 200N/A 0.00 0.00 0 0 0
AWS Since Logging Started 822N/A 3.66 6.95 10 103 0
AWS Normalized Since Logging Started 822N/A 3.66 6.95 10 103 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 200N/A 0.00 0.00 0 0 0
AWS Since Logging Started 815N/A 23.57 224.88 11 4,241 0
AWS Normalized Since Logging Started 815N/A 23.57 224.88 11 4,241 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 200N/A 0.00 0.00 0 0 0
AWS Since Logging Started 815N/A 6.23 16.40 11 170 0
AWS Normalized Since Logging Started 815N/A 6.23 16.40 11 170 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 200N/A 0.00 0.00 0 0 0
AWS Since Logging Started 815N/A 0.21 3.34 0 84 0
AWS Normalized Since Logging Started 815N/A 0.21 3.34 0 84 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 200N/A 0.00 0.00 0 0 0
AWS Since Logging Started 823N/A 0.21 3.32 0 84 0
AWS Normalized Since Logging Started 823N/A 0.21 3.32 0 84 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 200N/A 0.00 0.00 0 0 0
AWS Since Logging Started 815N/A 7.45 16.81 12 172 0
AWS Normalized Since Logging Started 815N/A 7.45 16.81 12 172 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 200N/A 0.00 0.00 0 0 0
AWS Since Logging Started 815N/A 0.21 3.34 0 84 0
AWS Normalized Since Logging Started 815N/A 0.21 3.34 0 84 0

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2